github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #69704 from yue9944882/chore/sync-psp-api 

Sync PSP v1beta1 api definitions with internals
pull/58/head
k8s-ci-robot 2018-10-12 20:42:18 -07:00 committed by GitHub
parent 46f0f2a2c9 e7c1f0500b
commit 521028ed52
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 17 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
staging/src/k8s.io/api/policy/v1beta1/types.go
View File

@ -253,6 +253,10 @@ type AllowedHostPath struct {
// FSType gives strong typing to different file systems that are used by volumes. // FSType gives strong typing to different file systems that are used by volumes.
type FSType string type FSType string
// AllowAllCapabilities can be used as a value for the PodSecurityPolicy.AllowAllCapabilities
// field and means that any capabilities are allowed to be requested.
var AllowAllCapabilities v1.Capability = "*"
var ( var (
AzureFile FSType = "azureFile" AzureFile FSType = "azureFile"
Flocker FSType = "flocker" Flocker FSType = "flocker"
@ -273,8 +277,15 @@ var (
DownwardAPI FSType = "downwardAPI" DownwardAPI FSType = "downwardAPI"
FC FSType = "fc" FC FSType = "fc"
ConfigMap FSType = "configMap" ConfigMap FSType = "configMap"
VsphereVolume FSType = "vsphereVolume"
Quobyte FSType = "quobyte" Quobyte FSType = "quobyte"
AzureDisk FSType = "azureDisk" AzureDisk FSType = "azureDisk"
PhotonPersistentDisk FSType = "photonPersistentDisk"
StorageOS FSType = "storageos"
Projected FSType = "projected"
PortworxVolume FSType = "portworxVolume"
ScaleIO FSType = "scaleIO"
CSI FSType = "csi"
All FSType = "*" All FSType = "*"
) )
@ -385,6 +396,9 @@ type FSGroupStrategyOptions struct {
type FSGroupStrategyType string type FSGroupStrategyType string
const ( const (
// FSGroupStrategyMayRunAs means that container does not need to have FSGroup of X applied.
// However, when FSGroups are specified, they have to fall in the defined range.
FSGroupStrategyMayRunAs FSGroupStrategyType = "MayRunAs"
// FSGroupStrategyMustRunAs meant that container must have FSGroup of X applied. // FSGroupStrategyMustRunAs meant that container must have FSGroup of X applied.
FSGroupStrategyMustRunAs FSGroupStrategyType = "MustRunAs" FSGroupStrategyMustRunAs FSGroupStrategyType = "MustRunAs"
// FSGroupStrategyRunAsAny means that container may make requests for any FSGroup labels. // FSGroupStrategyRunAsAny means that container may make requests for any FSGroup labels.
@ -407,6 +421,9 @@ type SupplementalGroupsStrategyOptions struct {
type SupplementalGroupsStrategyType string type SupplementalGroupsStrategyType string
const ( const (
// SupplementalGroupsStrategyMayRunAs means that container does not need to run with a particular gid.
// However, when gids are specified, they have to fall in the defined range.
SupplementalGroupsStrategyMayRunAs SupplementalGroupsStrategyType = "MayRunAs"
// SupplementalGroupsStrategyMustRunAs means that container must run as a particular gid. // SupplementalGroupsStrategyMustRunAs means that container must run as a particular gid.
SupplementalGroupsStrategyMustRunAs SupplementalGroupsStrategyType = "MustRunAs" SupplementalGroupsStrategyMustRunAs SupplementalGroupsStrategyType = "MustRunAs"
// SupplementalGroupsStrategyRunAsAny means that container may make requests for any gid. // SupplementalGroupsStrategyRunAsAny means that container may make requests for any gid.